Hi Carsten:
Indeed, 802.15.4 only provides facilities for key usage and not for any other
aspects of the key lifecycle (key initialization, key distribution, key
updates, etc, etc.).
Indeed, 2^{20} seconds are not 48.5 days, but 2^{22} seconds roughly are...
Rene
PS.: 2^20 seconds ≠ 48.5 days :-)
-----Original Message-----
From: Carsten Bormann [mailto:[email protected]]
Sent: Tuesday, June 09, 2009 3:33 PM
To: Rene Struik
Cc: Richard Kelsey; [email protected]
Subject: Re: [6lowpan] ND and MAC-level security
Hi Rene,
thanks for the information about 15.4e -- that draft would be very
welcome input for Stockholm!
The clause you cited from 15.4-2006 says what I said in a couple more
words:
15.4 provides state-of-the-art cryptographic mechanisms.
These can be used for security, but 15.4 does not say how.
In particular there is no defined key management.
The references you gave don't change that (but they do contain
proposals for nice fixes, in particular finally a secured ACK).
I'm not saying all this to critique 15.4, just to wake up people on
this list to the fact that we cannot simply rely on the wonderful
security provided by 15.4 -- there is none, unless we add key
management.
Gruesse, Carsten
PS.: 2^20 seconds ≠ 48.5 days :-)
_______________________________________________
6lowpan mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6lowpan
